As
organizations are growing, their assets in terms of employees, data, IT
hardware / software and other fixed assets are growing. To protect the IT assets which includes
database, applications, networks and hardware devices etc. there are various
software security methods like firewall, passwords, encryption which are commonly
used. However, the number of thefts of data and IT products (Hardware and
Software) has not gone down and is continuously rising. Organizations have
realized that software security or logical security is not sufficient and
adequate to take care of these thefts. Hence, to reduce these theft and data
loss, physical security can be implemented, updated and managed by
organizations. If implemented properly and efficiently it can completely
eradicate such incidents. Physical security can be distinguished into two main
categories Preventive security and Curative / detective security.
Preventive
Security: Preventive security can be implemented using various methods which
would avoid any security breach from taking place.
Some
of the major methods and types of preventive physical security are as listed
below:
1. Swipe
card access
2. Thump
impression or Bio metric controls
3. Regular
training sessions on security
4. Infrastructure
- Swipe Card Access: This is a physical security method which has gained importance in recent years. This involves providing access card to its employees and having access lock deployed on all the doors or to certain restricted areas. Also, this access can be defined based on the designation of the employee in the organization. Whenever access card is swiped at any door the swipe date time along with the employee ID is recorded in the system which can then be used for analysis through generating reports. Thus, it helps reduce the chances of unauthorized access in restricted and office areas.
- Thumb Impression / Bio Metric controls: This is another method similar to the swipe card method. It is much more evolved as it unlocks the door only through thumb impression or eye scanner of respective employees. In case, of access card, if it is lost then it can be misused. Thumb / palm impression or other bio metric controls is much more reliable and safe physical security method as compared to Access card as there is no question of misplacing the control !! The equipment used for Bio metric controls are expensive as compared to access card and hence it is only used for high security areas or to areas where the most valuable assets of the organizations are placed / deployed.
- Infrastructure: Last but not the least this an important high level physical security method which needs to be implemented during constructions or renovation of the office. This can be implemented by keeping in mind points like there should be less number of walls, surveillance should be easy, emergency exit should be easily accessible, need to have one or two areas which can be kept hidden from others where important and valuable assets can be maintained / deployed etc.
Other
avenues to areas to be covered in physical security are
- Regular training sessions on security: This is another important method of implementing and managing physical security. All your physical security methods will not provide desired results if this method is not implemented and users are not trained regularly. This includes training employees periodically on security. These training may include managing access card, login passwords, lockers and drawers, handling of data and valuable assets of the organization etc. These sessions can be held regularly and it is required to make sure that no employee is skipping these training sessions. Also ensure that third party contractors / vendors who may be impacted are also covered through the trainings.
- Security Guards: This physical security method involves human beings who are hired and deployed as security guards. This is a difficult method to deploy as it involves human beings which can violate their rights at any point in time. Thus, before deploying a security guard it is mandatory to do their background verification, so that the respective security guard can be tracked incase of breach of security. Along with deploying security guards, it is important to deploy them at right places, train them well and manage them in such a way that no guard is over worked or physically strained due to work.
Curative
/ detective security: Curative security can be implemented using various
methods which would identify the reason / individual responsible for the theft.
The common control for detection is CCTV Cameras.
- CCTV Cameras: This is a technology which has now become mandatory for all the organization. It is been implemented by all the organization as and when they acquire new office or branch. This can be done by implementing CCTV Cameras (Closed Circuit Television Cameras) strategically such that minimum units are used and maximum areas are covered under surveillance. There are steady as well as rotating camera units which can be implemented keeping in mind that no area is missed out. The connections of all these cameras throughout the organization are terminated at a central location called as the control room where a responsible employee monitors the overall organizations using this facility. Also, these recordings are stored in discs which can be used as evidence whenever required.
Thus
it can be seen that for an organizational success and growth security is
important. However, along with software, physical security is also very
important for protection of assets and reducing thefts. Physical security can be implemented
successful by implementing all or some of the above mentioned method based on
the nature of your business and type of your organization.
About Author:
Amol Bhembre is a consultant in Systems Plus Pvt. Ltd. Within Systems Plus, he actively contributes to the areas of Technology and Information Security. He can be contacted at: amol.b@spluspl.com
ReplyDeleteTHANK YOU FOR THE INFORMATION
PLEASE VISIT US
customized erp software